desktopBFI[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

desktopBFI.exe
Size

23KB
MD5

143e34289bf8961bc1cb51469d770554
SHA1

de2ed9e3033bf59fade848774a37c74aa9265dd3
SHA256

08742acc7d4589c0cc017f7454d44978b2e6e0c688b11c6b2b6d14a3419e03e4
SHA512

8454b36bd7b54c4db5900b5688f9ab3b083fea8f0f4b18cfe7827df3cd38479a3e47874b2eca46c4013b7f73971c813a725e096a546646c56f3d27488fa0ae94
SSDEEP

384:7tOjuBiXyj+NeJPHMZGJmlsl4ioR1xxH5Yp594gchU1fB:BlmuZfMZsmlsl4tYfCgc2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
desktopBFI.exe

Files

desktopBFI.exe
.exe windows:6 windows x64 arch:x64

a6c8ac606aa433ea32629fbe3170e37c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\fuzun\Documents\GitHub\desktopbfiprojNew\desktopBFI\x64\Release\desktopBFI.pdb

Imports

kernel32

RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
RtlLookupFunctionEntry
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlCaptureContext
GetCurrentThread
SetThreadPriority
QueryPerformanceCounter
GetCommandLineW

user32

DestroyWindow
LoadCursorA
DispatchMessageA
PostQuitMessage
GetDC
FillRect
GetSystemMetrics
ShowWindow
SetRect
PeekMessageA
LoadIconA
TranslateMessage
SetLayeredWindowAttributes
CreateWindowExA
DefWindowProcA
MessageBoxA
RegisterClassExA
RedrawWindow
DrawTextA
EndPaint
BeginPaint
ReleaseDC
UpdateWindow

gdi32

D3DKMTOpenAdapterFromHdc
GetStockObject
D3DKMTWaitForVerticalBlankEvent
D3DKMTGetScanLine
CreateSolidBrush

shell32

CommandLineToArgvW

msvcp140

_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency

vcruntime140

__std_exception_copy
memset
_CxxThrowException
__std_exception_destroy
__C_specific_handler
_purecall

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vsprintf
_set_fmode

api-ms-win-crt-math-l1-1-0

log
round
__setusermatherr
cbrt
sqrt

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_crt_atexit
terminate
_set_app_type
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_initialize_narrow_environment
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6c8ac606aa433ea32629fbe3170e37c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

msvcp140

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 696B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 120B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 696B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 120B